Antiy AVL ATool Buffer Overflow Vulnerability
Antiy AVL ATool is a security management tool with anti-virus features from Antiy Labs in China. A buffer overflow vulnerability in the handling of IOCTL 0x80002004 by the ssdt.sys kernel driver in Antiy AVL ATool version 1.0.0.22 can be exploited by a local attacker to execute arbitrary code in...
Local Access Privilege Vulnerability in Multiple Siemens Products
Siemens SINUMERIK 808D and others are CNC machine tool system controllers from Siemens of Germany. A security vulnerability exists in several Siemens products. A local attacker can exploit this vulnerability with ioctl calls to perform out-of-bounds reads, arbitrary writes, or execute...
CVE-2018-11465
A vulnerability has been identified in SINUMERIK 808D V4.7 All versions, SINUMERIK 808D V4.8 All versions, SINUMERIK 828D V4.7 All versions V4.7 SP6 HF1, SINUMERIK 840D sl V4.7 All versions V4.7 SP6 HF5, SINUMERIK 840D sl V4.8 All versions V4.8 SP3. A local attacker could use ioctl calls to do ou...
Microsoft Windows Win32k Privilege Escalation Vulnerability
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Win32k is a 32-bit environment for one of these operating systems. An elevation of privilege vulnerability exists in the Microsoft Win32k component that stems from a program's failure to properly handle...
Antiy-AVL IATool security management buffer overflow vulnerability
Antiy-AVL IATool security management is a security management tool with anti-virus function from China Antiy Labs. A buffer overflow vulnerability exists in Antiy-AVL IATool security management version 1.0.0.22, which is caused by the program failing to properly validate the length of...
Apple tvOS IOKit Memory Corruption Vulnerability
Apple tvOS is an operating system for Smart TVs from Apple Inc. in the U.S. IOKit is one of the components that reads system information. A security vulnerability exists in the IOKit component of Apple tvOS prior to version 12. An attacker can exploit this vulnerability to execute arbitrary code...
kernel: Integer overflow in drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() can allow attackers to execute code in kernel space
An integer overflow vulnerability was discovered in the Linux kernel, from version 3.4 through 4.15, in the drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap function. An attacker with access to the udldrmfb driver could exploit this to obtain full read and write permissions on kernel physical pages,...
MGASA-2018-0419 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on the upstream 4.14.78 and adds additional fixes for the L1TF security issues. It also fixes at least the following security issues: The Linux kernel, from version 3.9 and up, is vulnerable to a denial of service attack with low rates of specially modified packets...
Apple iOS/macOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem
Apple iOS/macOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem. iohideventsystem is a MIG service which provides proxy access to various HID devices for untrusted clients. On iOS it's hosted by backboardd and on macOS by hidd. The actual implementation is ...
Sun Solaris 11.3 AVS Kernel - Local Privilege Escalation
Sun Solaris 11.3 AVS Kernel - Local Privilege Escalation / Exploit Title: Solaris/OpenSolaris AVS kernel code execution Google Dork: if applicable Date: 24/7/2018 Exploit Author: mu-b Vendor Homepage: oracle.com Software Link: Version: Solaris 10, Solaris Sun Opensolaris include include include...
Apple macOS High Sierra Hypervisor Memory Corruption Vulnerability
Apple macOS High Sierra is a suite of specialized operating systems developed by Apple for Mac computers. A hypervisor, also known as a Virtual Machine Monitor (VMM), is an intermediate software layer that runs between a physical server and an operating system, allowing multiple operating systems and...
Apple macOS High Sierra memory corruption vulnerability (CNVD-2018-12164)
Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers. IOHIDFamily is one of its components, a kernel extension that provides an abstract interface for Human Interface Devices. A security vulnerability exists in the IOHIDFamily component in Apple macOS High...
Microsoft Windows Win32k Elevation of Privilege Vulnerability (CNVD-2018-10987)
Microsoft Windows is a set of operating systems developed by Microsoft Corporation in the U.S. Windows uses a graphical mode GUI. Microsoft Windows suffers from an elevation of privilege vulnerability. The vulnerability arises because the Win32k component fails to properly handle objects in memor...
UBUNTU-CVE-2018-8781
The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code...
CVE-2016-9093
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able t...
Memory Corruption Vulnerability in Apple macOS Sierra AppleGraphicsControl
Apple macOS Sierra is a specialized operating system developed by Apple for Mac computers. AppleGraphicsControl is one of the integrated graphics drivers. A security vulnerability exists in the AppleGraphicsControl component of Apple macOS Sierra versions prior to 10.12.6. An attacker can exploit...
PT-2018-18627 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 3.4 through 4.15 Description: The issue allows local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in code execution in kernel space. This is due t...
Microsoft Desktop Bridge Elevation of Privilege Vulnerability
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Desktop Bridge is one of the desktop application converters. An elevation of privilege vulnerability exists in Microsoft Desktop Bridge, which stems from the program's failure to properly manage the...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix six bugs are now available for Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...